■ About the Author xi
■ About the Technical Reviewer xii
■ Acknowledgments xiii
■ Introduction xiv
■ Chapter 1: Best Laid Plans 1
■ Chapter 2: Creating a Django Site 17
■ Chapter 3: Models for Sale 39
■ Chapter 4: The Shopping Cart 79
■ Chapter 5: Site Checkout & Orders 109
■ Chapter 6: Creating User Accounts 153
■ Chapter 7: Product Images 173
■ Chapter 8: Implementing Product Search 179
■ Chapter 9: Intelligent Cross-Selling 193
■ Chapter 10: Adding in Ajax 205
■ Chapter 11: Search Engine Optimization 231
■ Chapter 12: Web Security Overview 255
■ Chapter 13: Improving Performance 279
■ Chapter 14: Django Testing 299
■ Chapter 15: Deployment 323
■ Chapter 16: Django on Google App Engine 341
■ Index 365
Beginning Django E-Commerce (408 pages; 20-page preview)
—321
case-sensitivity, in database engines, 42
INDEX
368
Catalog and Product models, specifying
relationship between, 349
catalog app, creating catalog directory in, 45
catalog data, creating app for, 348—349
catalog views, coding up, 68—69
catalog.html file
adding warning message to, 228
changing placeholder line of text in, 107
creating in templates directory, 26—27
creating, 26—28
tweaking to use new template tag, 104
catalog.html template file, creating to house
layout of site, 347—348
catalog/category.html file, adding product
thumbnail into, 178
catalog/models.py file, adding imports and
signal connections to, 292
catalog/product.html, changing to call caption
field, 178
catalog/product.html template, adding code to
restrict product review form display,
214
catalog/tag_cloud.html template file, creating,
225
catalog_filters.py file, adding custom currency
filter code to, 96—97
catalog_tags.py file, adding function for
inclusion tag in, 202
catalog_tags.py module
adding code to, 103
adding flatpages code to, 107
creating, 102
categories, linking to the Category pages, 53
category and product admins, 57—59
Category class, adding cache_key property to,
292—293
category description field, 51
category link list, 73
category list, creating for left-hand column on
site, 350
category list tag, re-creating, 103—104
category model
coding, 50
creating, 50—54
Category model class
hooking up the new Manager class in, 181
writing test class for, 314
category pages, list of items for, 48
category testing, 309—312
category.html file, adding code to category page
in, 70
category_list() inclusion tag function,
modifying to use cache first, 291
category_list.html file, adding content to, 103—
104
cc_expire_months() method, creating Python
list of tuples with, 136
cc_expire_years() method, 136
certificate authorities
function of, 334—335
most well-known, 335
certificate file
adding header to all requests from NginX to
Apache, 337—338
creating, 336
Certificate Signing Request (CSR)
creating, 335
generating, 335
certificates, on Windows server, 336
Change Password page, creating, 162—163
character encodings, web site address for
thorough listing of, 138
CharField field type, that stores data, 48
Charge order button, capturing payment from
customer with, 123
checkout app, 45
creating, 116—124
Checkout button, adding to cart page template
and testing, 119—124
checkout form, 133—137
testing, 318—319
checkout page, updating, 169—171
checkout template and order form, 143—149
checkout views and URLs, 141—143
checkout.html file, adding template code to,
144—145
checkout.html template, adding redirect to
login page in, 170—171
checkout.py file
altering get_checkout_url() function in,
138—139
creating, 119
checkout_tags.py, adding to templatetags
directory, 144
CheckoutForm class, getting to, 136—137
child elements, referencing first and last, 209
Churcher, Clare, Beginning Database Design by,
44
clean() method, 88
clean_field_name() methods, specifying inside
the form class, 137
Client instance, creating one with an item in
cart, 318
Client test class, adding to tests.py, 318—319
cloud_for_model() method, retrieving all tags
for a given model with, 225
cmemcache module, web site address, 287
CNP transactions. See Card Not Present (CNP)
transactions
code, testing, 300—301
commenting your code, 91
commit keyword argument, 127
configuring, local settings, 259
Contact page, 105
Contact static flatpage, adding, 106
content relocation, 244—245
contenttypes framework, Django's, 221
Context object, 24—25
context processors, 67
creating valid, 67
making available to project, 67—68
context_instance argument, get_object_or_404,
69
context_processors.py file, creating, 67
COOKIE_SESSION_AGE value, setting, 285
cookies
checking for, 87
destroying dummy, 87
importance of enabling in cart app, 86
making unreadable, 85
setting to last 90 days, 85
tracking shopping cart data with, 81
writing a dummy test one, 87
core competency, 2
create order() method, 140
create_order() function
creating link from order to user in, 164
updating for Order Info page, 170
created_at DateTimeField, specifying reverse
sort order in, 52
credit, 129
credit card data
extracting from form post data, 140
secure storage of, 269—270
credit card form
example of, 276
output of processing, 277
credit card information, adding form fields to
capture, 137
credit card model and form, 273—278
credit card numbers, validating, 133
credit card transactions, 129
credit card validation, Python function for, 134
cross-selling, intelligently, 193—204
cross-site request forgery (CSRF) attacks,
preventing, 263—265
cross-site scripting attacks
custom template filters to prevent, 96
preventing, 262—263
testing for, 262—263
CRUD commands, 41
cryptographic hash function, for storing
passwords, 266—268
CSRF. See cross-site request forgery (CSRF)
attacks
CSS, adding, 29—34
CSS and JavaScript
moving into separate files, 295
reducing number of external components,
295—296
CSS file
adding navigation list of hyperlinks to, 35
adding styles to position and style new divs
to, 228—229
adding styles to, 104
attaching to template files, 31—32
for very large sites, 33
CSS style definition, adding in stylesheet to
color tag links, 224
CSS styles, admin interface, 338—339
css.css file
adding field.checkout styles to, 146—147
adding new CSS classes to, 72
CSVs (comma-separated values), 40
currency filter, creating custom, 96—97
currency values, storing in applications, 49
custom currency filter, creating, 96—97
custom sale_price() method. See sale_price()
method
custom template tags, adding, 101
customer order, list of items included in, 151
customer registration, revisiting, 259—261
customer-based order filtering, 195
Customers who purchased this product also
purchased…, adding to product page,
195
Cutts, Matt, web site address, 234
D
Daswani, Neil, Foundations of Security: What
Every Developer Needs To Know by, 278
data
deleting old from databases, 284—286
the virtue of stale, 287—288
data, transferring with Django, 338
Data Encryption Standard (DES), replaced by
Advanced Encryption Standard (AES),
271
Data Tier, 44
data warehouse principle, 247
Data Warehouse Toolkit, The, by Ralph Kimball
and Margy Ross, 246
database
effect on performance, 280—286
storing secrets in, 266—267
database engines, ordering and case sensitivity
in, 42
database indexes, creating, 283—284
database table, basic operations you can
perform in, 41
databases, deleting old data from, 284—286
databases. See also relational database
introduction to, 40—44
normalizing, 43
setting up for your products, 39—78
dates, used in apps, 50
DateTime fields, 52
DAVE (Delete, Add, View, and Edit), 41
debug mode, the evils of, 258
DEBUG value, setting to avoid security
breaches, 258
DEBUG variable, setting to True, 36
decimal_places, DecimalField, 55
DecimalFields, storing monetary values in, 49
decorator, @ character as, 53
Definition Language (DDL), looking at, 60
Definitive Guide to MySQL, The, Third Edition,
By Michael Kofler, 40
DELETE command, 41
delete() function, purging an item from the
cache with, 289
delete_old_carts.py file, calling to remove old
carts, 285
deployment, of apps into production, 323—339
description meta tag, recommended maximum
length for, 234
/diagnose, adding for debugging problems, 121
__dict__ attribute, 64-65
dictionary attack, 260
dictionary of headers, for request, 138
dir() method, 64
directories, copying key file and certificate file
into, 336
distinct() method
calling to eliminate duplicates, 194
getting list of distinct product purchases
with, 195
distributed version control system, Git as, 6
division of labor, advantages of, 255—256
Django
admin interface, 4
App Engine patch, 343—345
availability of, 4
configuring Apache to talk to, 328
core competencies, 4
creating a site, 17—18, 38
dealing with exceptions, 22—23
deployment philosophy, 324—325
downloading, 4
enforcing uniqueness on a database field,
41
handling of requests made to site, 23
hooking Apache into, 328
installing, 8—9
modularity of, 5
on Google App Engine, 341—364
order checkout by, 130—151
Ruby on Rails migration to, 175
setting up databases in, 44—45
straying from the philosophy, 5
testing, 299—321
transferring data with, 338
URL management, 4
web site address for online documentation,
63
welcome to, 17—19
what it creates for project, 18—19
what it gives you, 44—45
Django admin interface, 56—65
adding new categories to, 62
changing settings.py file in, 56—57
customizing, 63
homepage, 61
login screen, 61
Django application, defined, 39
Django cache API, low-level, 289—291
Django client test class, creating new instance
of, 304—305
Django content types, 221
Django contenttypes framework, 221
Django DB Log middleware module, 22—23
Django exceptions, logging, 22—23
Django feed framework, 251
Django forms, using, 86—95
Django Image Fields, 174
removing existing from database table, 175
Django models. See also models
creating, 45—56
Django permissions, 256—257
applying to groups and users, 257
Django redirects framework, permanently
redirecting URLs with, 244
Django sessions, overview, 84—85
Django signals
a quick word about, 293
for cache invalidation, 291—293
Django sites framework, making sure it is
installed, 243
Django SlugField, use of on models, 234
Django source code, making friends with, 153—
154
Django template blocks, 26
Django template filter, using, 71—72
Django template filters, 96—97
Django templates, 24—25
if and for tags, 96
levels of, 25—28
Django templating system, basics of, 23—25
Django test suite, testing your web site with,
299—321
Django TestCase testing methods, 302
Django User model, adding a field to, 155
Django user profiles, creating, 165—171
Django view, Python function that acts as, 23—
24
Django web framework
architecting a site with, 1—16
creating a site, 17—18
reasons for using, 4—7
djangodblog app, 45
Django's authentication app, hooking into,
154—165
django-sphinx, as third-party search solution,
192
django-tagging
adding to project INSTALLED_APPS
section, 220
downloading and installing, 220—221
dmigrations, 175
do_auth_capture() function, how it works, 138
doctests, 299
Document Type Declaration, changing web
site's, 240
Dojo, JavaScript library, 208
double curly-braces {}, in templates, 25
DRY models and forms, 126—128
DRY principle, 54
duck typing, in Python, 155
dummy cookie. See cookies
dumpdata command, 307
duplicate content problem, dealing with, 236—
238
E
Eclipse, installing, 9
e-commerce, and search tracking, 248—250
e-commerce application
business requirements, 12—15
creating the catalog app, 45
creating with Django web framework, 1
creating your own, 2—3
how it all works, 75—77
marketing decisions, 14—15
reviewing code for, 73—75
ecomstore project, what Django creates for, 18—
19
ecomstore.crt certificate file, creating, 336
ElementTree library, web site address, 114
encryption and decryption keys, secure storage
of, 271
encryption keys, creating subdirectory in
system shell to hold, 272
encryption process, creating a key to use for,
272
environment, configuring so Apache can talk to
Django, 328
error logs, Remote Data API, and network
programming, 362—363
error messages, handling in Add To Cart form,
94
example.com, in Sites section, 105
exclude variable, 58
external components
optimizing, 296—297
reducing number of, 295—296
F
fetch() method, using for list of results, 351
File Not Found, and custom 404s, 77
FileField, 55
filter() function, 164
filtering, order-based, 194
filters, chaining together, 182—183
Firebug, addon for Firefox, 7
Firefox, using as browser, 6—7
Firefox Accessibility Extension, addon for
Firefox, 7
fixtures
creating from test database, 307
managing test state with, 307—308
specifying in each test class, 308
flatpages
adding to admin interface, 105—107
static content with, 105—107
flatpages app
for Django, 37
for static content, 105—107
hooking up, 105
flatpages subdirectory, creating default.html
file in, 106—107
footer_links.html template, adding caching tags
to, 288
foreign key, 43
form
checking validity of before saving, 127
saving, 127—128
form class, that inherits from ModelForm, 127
form class definition, adding to forms.py file,
274—275
form fields
adding to form to capture credit card
information, 137
setting size attribute for, 136
form variable, returning with each product
page response, 311
form_table_row.html file, adding HTML and
Django template code to, 143—144
forms, DRY models and, 126—128
forms and shopping cart, testing, 315—318
forms.py file
adding code to for Order Info page, 167
adding code to for password security, 260—
261
adding custom drop-down menus to, 134—
137
adding form class definition to, 274—275
adding review form definition to, 214
creating and adding code to, 355
Foundations of Python Network Programming,
by John Goerzen, 151
Foundations of Security, by Neil Daswani,
Christoph Kern, and Anita Kesavan,
278
frequent_search_words() function, calling to
get a Python list, 199
Front-end engineering, 293—297
functional specifications, creating before
programming, 1—2
functional tests, writing, 304—307
G
_generate_cart_id() method, for creating Cart
ID, 85
_generated_media, creating newest version of
files in, 345
Goerzen, John, Foundations of Python Network
Programming by, 151
GET and POST, used when processing forms, 88
get() function, using on the cache, 289
get_absolute_url() method, using to get cache
key value, 290
get_absolute_url() method
defining on Order model, 162
effect of calling, 53
generating links automatically on Product
model with, 244
get_checkout_url() function, altering, 139—140
get_object_or_404, using in Django, 69
get_recently_viewed() function, uses for, 201
Git, 6
global_settings.py file, opening, 67
Google
proprietary database storage engine, 324
submitting a sitemap to, 242
submitting orders to, 111—112
Google Adwords Keyword Tool, for checking
keywords people are searching for, 235
Google Analytics, 246
signing up for, 248
Google App Engine
deploying project into, 50
Django on, 341—364
signing up for a developer account with, 342
signing up for an account, 342
starting registration process, 342
the inconvenient truth about, 342
verifying account via SMS, 343
Google App Engine Patch, web site address, 343
Google App Engine SDK, downloading for the
Python environment, 343
Google App Engine Store
creating new, 346—353
views and templates for, 356—361
Google Base, web site address, 251
Google Base product feed, 251—252
Google Checkout API, 109—124
sandbox account for testing Google
Checkout, 110—111
signing up with, 110—111
submitting orders to, 111—112
Google Checkout button, checkout views and
URLs, 141—143
Google Checkout Merchant Account
signing up for, 110—111
upgrading sandbox account to, 124
Google Checkout page, redirecting user to, 119
Google Checkout sandbox account
signing up for, 110—111
web site address, 110
Google Checkout XML API, web site address,
111
Google datastore, managing indexes for, 361—
362
Google Keyczar, 271—273
amending import statement after using
easy_install utility, 273
Google Sets, using for keyword lists, 235
Google Webmasters, 245—246
google_base.xml, creating template for, 251
google_checkout.py file, creating, 116—118
Google's SEO guidelines, web site address, 232
groups, applying permissions to, 257
H
hash salt, using to compute hash value, 268—
269
Haystack search package, 192
header tags, treatment of by browsers, 234
Hello App Engine Path, for Django, 346
help_text property, 51
helper functions (methods)
in forms.py file, 136
on test classes, 311
home page
building, 202—204
example of, 33
recommendations, 196—202
home page view function, adding data from
new stats app into, 203
Horizontal Integration Model, invoking
explicitly for deployment, 325
hosting plan, finding for your app deployment,
325
hostname, canonicalizing, 237
HTML anchor tag, providing for copying and
pasting into other sites, 232
HTTP requests
making in Python, 114—115
secure, 128—129
HTTP status code of 500
meaning of, 219
troubleshooting with view function, 220
httplib HTTP common status codes, table of,
305
httplib module, in Python, 128
HTTPS protocol, configuring for deploying web
application, 334
hybrid approach method
adding to product page, 196
method for, 196
I
icontains field lookup keyword argument,
retrieving products using, 180
id integer field, 41
image tag line, changing in template, 178
image tags, handling of alt text for by browsers,
234
image templates, making changes to, 177—178
ImageField, 55
images
adding new to product page, 176—177
dealing with, 173—174
inbound links, importance of, 232—233
include directive, using, 35—37
inclusion tag, adding function for in
catalog_tags.py file, 202
inclusion_tag() function call, passing template
name into, 102
IndexError, raised trying to get the category,
307
inheritance, advanced templates with, 25—28
__init__() method, 88
__init__.py file, 45
creating, 188
for ecomstore project, 18
inner Meta class, exclude value in, 137
INSTALLED_APPS
including sitemaps app in, 243
installing redirects app to, 244
INSTALLED_APPS Python tuple, 22—23
installing
MySQL, 9
PyDev extensions, 9
Python, 7—8
software, 7—9
integer data types, used in apps, 50
IntegrityError, testing for, 314—315
InvalidSignatureError exception, raised by
Decrypt() function, 273
inventory management and purchasing, for
e-commerce applications, 13
is_active permission, controlling access to site
with, 256
is_bestseller field, 55
is_featured field, 55
is_staff permission, controlling access to site
with, 256
is_superuser permission, controlling access to
site with, 256
is_valid() method, 127
isapi-wsgi module
for integrating IIS with Python WSGI
applications, 328
web site address for obtaining source code,
328
ISUD mnemonic, in SQL syntax, 41
J
JavaScript, finishing touches, 226—229
JavaScript function, for linking view function
and interface, 223
JavaScript libraries, availability of, 208
JavaScript Object Notation (JSON), 211—212
returning all active products on site with,
212
join() function, using, 34
joins, avoiding expensive, 281—283
jQuery
basics, 209—211
downloading, 208—209
for Ajax, 208—213
jQuery functions, chaining together, 210
jQuery JavaScript library, 208
jQuery object
referencing elements in the DOM with, 209
via $ syntax, 210
K
Kern, Christoph, Foundations of Security: What
Every Developer Needs To Know by, 278
Kesavan, Anita, Foundations of Security: What
Every Developer Needs To Know by, 278
key file, generating one that doesn't require a
passphrase, 336
key name, choosing value for, 289
Keyczar. See Google Keyczar
keyczar.py module, for creating keys, 272
keyczart module, creating a keyset with, 272
keys and certificates, generating with OpenSSL,
335
keyset, creating with keyczart module, 272
keyword list
generating, 235—236
narrowing search terms in, 236
using Google Sets for, 235
keywords
for creating queries, 182
in URLs, 234—235
keywords meta tag, contents of, 234
Kimball, Ralph, Data Warehouse Toolkit, The:
The Complete Guide to Dimensional
Modeling (Second Edition) by, 246
Kofler, Michael, The Definitive Guide to MySQL,
Third Edition by, 40
Kornewald, Waldemar, App Engine Patch
project started by, 343
L
Link to Cart box, creating custom template tag
to contain, 101—102
list_display, 58
list_display_links, 58
list_filter property, 150
list_per_page, 58
local settings, configuring, 259
locale module, formatting and displaying
currency values with, 97
localflavor module, for capturing form
information in other countries, 134
locals() function, 69
location, location, location, path to project, 34
log_product_view() function
adding the call to, 202
logic for acquiring valid IP address, 311
logged_out.html, creating template for, 160
login and registration pages, creating, 156—160
login page
adding code for, 157
creating, 156
login view, code for, 153—154
login() function vs. authenticate() function, 158
Logs page, containing server error info for your
app, 363
lookups, complex with Q objects, 182—183
Luhn algorithm, 134
M
_make_token() function, calling, 317
manage.py file, adding common commands to,
286
manage.py file
contents of, 21
for ecomstore project, 18
Manager classes, creating custom, 181
many-to-many relationship, 42
max_digits argument, DecimalField, 55
MD5 hash algorithm, use of to compute
password hashes, 268
media generator utility, adding brubeck.css file
with, 360—361
MEDIA_ROOT variable, setting, 176
MEDIA_VERSION number, importance of
changing for deployed sites, 345
Memcache wiki, web site address, 290
Memcached, caching with, 287
Memcached server, hooking up once installed,
287
Merchant ID and Merchant Key
adding to settings.py module, 115
for Google Checkout, 115
Merchant Key and Merchant ID, for Google
Checkout, 115
Mercurial, 6
Meta class
declaring, 52
defining two methods on, 53
meta tag content, fields used in, 78
meta tags, importance of for searching, 233
meta tags and page titles, configuring, 66—68
microformatted data, example of, 239
middleware, 125
MIDDLEWARE_CLASSES Python tuple, 22—23
minus (-) sign, for sorting in reverse order, 52
mod_rewrite, web site address, 37
mod_rewrite module, implementing custom
middleware class with, 238
mod_rpaf module, installing, 332
mod_wsgi file, creating, 328—329
mod_wsgi module, for hooking Apache into
Django, 328
model data, playing with, 64
model field data types, 48—50
model layer, 41
model managers, querying for product data,
180—182
model relationships, importance of order in, 63
model structure and data, playing with, 64—65
model validation, a note on, 59—60
ModelForm option, making full use of, 127
models, searching, 280—281
models. See also Django models
playing with structure and data, 64—65
synching up and validating, 60—63
models.py file, 45
adding code for product review model to,
213
adding code to Product model in, 194
adding model definitions to, 131—133
creating new Manager class in, 203
creating Product model in, 54—56
models.py module, creating model definition
in, 167
Modern Musician application
code in review, 73—74
considerations before starting, 9—12
functional specifications for, 2
how it works, 75—77
monkey patching, in Python, 155
MooTools, JavaScript library, 208
My Account page, 160—162
adding import statements to, 161
creating, 156
example of final, 160
My product page, example of, 74—75
my_account.html template file, creating and
adding template code to, 161
MySQL
installing, 9
web site address, 21
MySQL database
creating for Django project, 19—22
importance of changing password before
using, 20
MySQL storage engines, 20
mysql utf-8 collation, 21
mysqldump utility, web site address, 339
N
NameVirtualHost directive, updating, 334
navigation tags, creating, 107—108
navigation.html file
adding additional links to, 159—160
editing list of links in, 107
network connections, creating, 128
network latency, dealing with, 226—227
Nginx
configuring to forward IP address from
incoming requests, 332—333
for static media, 331
installing and configuring, 331—333
web site address, 331
NginX virtual host file, adding entry to for
listening for traffic on 443, 337
NoArgsCommand, creating a subclass of, 286
Not Invented Here (NIH) Syndrome, danger of,
246
n-tier architecture, 44
numbers, storing, 50
O
offset, formula for calculating, 351
OLAP (Online Analytical Processing), 247
old_price field, argument for, 55
OLTP (Online Transaction Processing), 247
one-to-many relationship, 42
one-to-one relationship, 43
opening and closing form elements, creating,
93
OpenSSL, web site address, 335
order administration, 149—151
ORDER BY clause, using in SELECT queries, 42
order checkout
by Django, 130—151
requirements for, 124—129
Order Details page, 167—169
creating, 156, 163—165
order filtering
customer-based, 195
hybrid approach, 195—196
order form, and checkout template, 143—149
order information models, 131—133
Order model
contents of, 131
defining get_absolute_url() method on, 162
order processing, preparing module for, 139—
141
order_details URL entry, 157
order_info.html, creating and adding code to,
169
order-based filtering, 194
ordering variable, 58
setting, 52
OrderItem model, contents of, 131
OrderItemInline class, creating, 150
orders
giving status field to, 131
submitting to Google Checkout API, 111—
112
ORM, in Django, 44—45
P
padder classes, use of, 31
padlock symbol, indicating a secured site, 124
page content, importance of for searching, 233
Page Not Found error, in Django, 69
page titles and meta tags, configuring, 66—68
PageRank algorithm, used by search engines,
232
pagination, of search results, 183—184
pagination_links.html file, creating and adding
template code to, 189
Paginator instance, creating new in views.py
file, 190
parameters, URL-encoding for post request,
138
Parlar, Jay, SSL middleware created by, 125
passkey.py file, creating and adding code to,
275
passphrase, removing from key file, 335—336
password_change_done.html, adding template
code to, 163
password_change_form.html, adding template
code to, 162—163
passwords
making more secure, 260—261
storing customers securely, 267—269
PCI (Payment Card Industry) compliance, 11
PCI Security Standard, reading and complying
with, 270
percentage (%) wildcard character, substituting
with other ORM matchers, 281
performance, improving, 279—297
period (.) character, escaping with a backslash,
243
permissions. See also Django permissions
applying to groups, 257
pipe ( | ) character, using to separate
transactions, 138
POST and GET, used when processing forms, 88
POST request, basics of constructing, 114
post() function
arguments taken by, 212
making Ajax requests with, 212
_prepare_words() function, 186
prepareDocument() function, 211
adding code to attach events and behaviors
to, 216
prepend() function, adding review to top of
reviews div with, 219
prepopulated_fields variable, 58
Presentation Tier, 44
preview app, creating, 28
primary key, 41
privacy policy, creating page for on cart app,
105
process() method, 140
processed status, 133
product and category admins, 57—59
product catalog
testing, 304—313
writing functional tests for, 304—307
product catalog model tests, writing, 313—315
product catalog tagging, 220—226
Product class, adding code to, 203
product data, setting up, 45—56
product database table
adding three new columns to, 175
making edits to, 174—175
product images, 173—178
naming of, 63
product model
adding test class for, 313
creating, 54—56
editing, 175—176
most important field in, 56
removing field from, 175
Product model class, adding cache_key
property to, 292—293
Product model class, hooking up the new
Manager class in, 181
product model instance, adding new tags to,
222
product orders, looking up using order number,
263
product page
adding a new redirect to, 244
adding RDFa-formatted markup to, 239—240
changing the slug on, 244
deciding information needed for, 47
rough sketch of, 46
product page recommendations, 193—194
a hybrid approach, 195—196
product page view, variables to test for in
response context, 312
product pagination, testing, 191
product review controls, flow of in action, 216
product review form
adding a review to, 219—220
troubleshooting, 219—220
product reviews, 213—220
adding in Ajax, 219—220
the Ajax part of the equation, 216—219
product search
creating instant, 179—180
implementing, 179—192
product tag cloud page, adding to site's footer,
225—226
product tagging, 220—226
enabling, 222
product template, adding form variable to, 92
product.html file, adding code to, 71
product_list.html template file, creating and
adding code to, 202
product_review.html file
adding CSS code to, 215
creating and adding code to, 215
product_thumbnail.html, creating, 178
products() function, calling to get search
results, 186
profile.py file, creating and adding function
definitions to, 168
Programming Collective Intelligence, by Toby
Segaran, 204
promotional email box, 122
property decorator, in Python, 115—116
Prototype, JavaScript library, 208
public-key cryptography, asymmetric
cryptography use of, 334
purchasing and inventory management, for
e-commerce applications, 13
put() method, calling to save generated cart
items, 355
PyDev extensions, installing, 9
Python
building XML documents in, 112—114
duck typing in, 155
making HTTP requests in, 114—115
monkey patching in, 155
Python Abstraction Notation One library
creating a symbolic link to, 272
web site address, 271
Python and Django test methods, 301—303
Python Cryptographic Toolkit
for handling cryptography inside Python,
270
web site address, 271
Python decorators, caveat about, 53
Python function
for credit card validation, 134
that acts as a Django view, 23—24
to return directory as a string, 34
Python httplib module, submitting sensitive
data with, 128—129
Python Imaging Library (PIL), installing, 174
Python list comprehension, building the result
with, 136
Python programming language
Django web framework written in, 4
installing, 7—8
Python property decorator, 115—116
Python unittest.TestCase testing methods, 301
Python-memcached module, web site address,
287
Q
Q objects, complex lookups with, 182—183
queries, breaking up to improve performance,
282
query string, what it contains, 263
Query(Category), google.appengine.db.Query
generated by, 350
querying
applying a filter to, 181
model managers for product data, 180—182
R
random number generator, provided by
operating systems, 198
RDFa-formatted markup, adding to product
page, 239—240
ready() function, calling on the document
body, 210
receipt page, after placing order, 148
receipt.html file, adding template code to, 145—
146
recommended_from_search() function, 200
recommended_from_views() function, using,
202
redirects app, installing, 244
redirects framework, in Django, 244
refunds, handling of, 124
registration form
making more secure, 260—261
signing with hidden input field, 264—265
updating view function for improved
security, 261
registration page
creating, 156
setting up views for, 157
registration/order_details.html file, creating,
164
regulatory guidelines, for web accessibility, 10
relational database. See also databases
what makes it, 42—44
--remote argument, using to query for and edit
model instances, 363
render_to_response() function
greater ease with, 28—29
using, 69
render_to_string() function, using Django's,
218
reorder quantity, 13
request, dictionary of headers for, 138
request-response system. See sessions
resolve() method, retrieving value of
template_name keyword argument
with, 309—310
Resource Description Framework in attributes.
See semantic web-microformats &
RDFa
response object, context property for testing for
variables, 311
restart command, performing both start and
stop with, 327
results() view function, adding code to, 191
results.html file, creating, 190—191
retrieve() method, getting currently
authenticated user profile with, 168
Return Policy page, 105
reverse order, sorting in, 52
reverse proxy add forward module for Apache
(mod_rpaf), installing, 332
review model, adding code for to models.py
file, 213
review model and form, 213—214
robots.txt file
adding to your site, 241—242
creating and adding text to, 241
Ross, Margy, Data Warehouse Toolkit, The: The
Complete Guide to Dimensional
Modeling (Second Edition) by, 246
Ruby on Rails, migration to Django, 175
runserver command
running, 61
running App Engine projects locally with,
343
S
sale_price() method
using custom, 72
using, 313—314
sandbox account
creating, 110—111
upgrading to Google Checkout Merchant
Account, 124
save() method, calling on a view, 202
scalability, importance of for performance, 279
scaling, for improving performance, 279—297
Schneier, Bruce, Applied Cryptography:
Protocols, Algorithms, and Source Code
in C, Second Edition by, 270
script.aculo.us, JavaScript library, 208
scripts.js file, adding custom JavaScript code to,
210
search, implementing, 184—185
search app, adding code to tests.py file in, 319
search box
adding to search module, 191—192
coding form class for, 187
resolving problems with, 211—211
Search Engine Optimization, 11
search engine optimization (SEO), 66, 231—254
Search Engine Results Pages (SERPs), making
site friendly for adding to, 231
search engines
canonicalization process, 237
making a best guess, 237
sitemaps for, 242—243
search module, 185—187
search requirements, 180
search results, pagination issues, 183—184
search template tags, 187—189
search view and template, 189—192
search.py file, creating, 185—187
search_box.html file, creating and adding code
to, 188
search_fields, 58
search_searchterm table, adding a column to,
198
search_tags.py file, creating and adding code
to, 188
searches, dealing with, 198—200
searching, hand-coded form for, 179—180
SearchTerm model, editing inside
search/models.py, 198
Section 508, web accessibility guidelines, 10
security
importance of for applications, 10
of MySQL database, 20
security testing, 319—321
Segaran, Toby, Programming Collective
Intelligence by, 204
SELECT command, 41
semantic web-microformats & RDFa, 238—240
Send shipping notice button, for shipping the
product, 123
SEO guidelines, Google's web site address for,
232
session expiration value, setting, 285
SESSION_AGE_DAYS, calling to remove old
carts, 285
SESSION_COOKIE_SECURE value, setting, 84
sessions
enabling and using, 85—86
introduction to, 80—86
SessionStore class, request session object as
instance of, 85
set() function, for setting a new item in the
cache, 289
set() method, retrieving profile of current user
with, 168
settings file, storing number of products per
row in, 199
settings.py file
adding configuration values to, 137
adding Merchant ID and Merchant Key to,
115
adding new app to INSTALLED_APPS in,
116
adding new cart app to, 83
adding new class to
MIDDLEWARE_CLASSES in, 237
adding profile module to, 167
changing for Django admin interface, 56—57
defining one constant variable in, 189
for ecomstore project, 19
settings_local.py file, creating for configuration
variables, 259
setup() method
called by Django test runner, 305
instantiating Client class in, 306
SHA-1 (Secure Hash Algorithm), for secure
storage of passwords, 267—268
shipped status, 133
shipping option, added to XML cart, 118
Shopify, applications for selling stuff online, 2—3
shopping cart
creating, 79—108
naming, 79
requirements, 79—80
shopping cart model, 82—83
requirements for, 82
shopping cart page
adding style definitions to CSS file, 97
creating, 95—101
opening cart template and replacing code
in, 98—100
with Google Checkout button, 120
shopping cart table, adding style definitions to
CSS file, 97—98
shopping cart XML, example of, 112—113
shopping carts, removing expired from
database, 284
show_category view function, adding code to
use Memcached to load products, 291
show_checkout() view function, tweaking for
Checkout page, 169
signup page, creating template file for, 158—159
simplejson module
downloading and installing, 271
web site address, 271
site checkout & orders, 109—151
site navigation include, 35—37
sitemap.py file, creating and adding code to,
242—243
/sitemap.xml, testing in browser to verify it's
working properly, 243
sitemaps
for search engines, 242—243
making viewable, 243
specifications for, 242
submitting, 245
size attribute, setting for form fields, 136
skip link, adding to code, 31
SliceHost
book companion site hosted on, 326
web site address, 326
slideToggle() function, for bringing hidden
elements into view, 216
SlugField. See Django SlugField
SlugField field type, 48
using for records lookup, 49
software
installing, 7—9
used in book, 5—6
sort_words() function, passing Python list to,
199
source code
getting onto your deployment machine, 328
making friends with Django's, 153—154
specifications, creating functional before
programming, 1—2
Sphinx full-text search engine, web site address,
192
spiders, used by search engines, 232
split() method
calling on a string, 138
complex lookups with in Python, 182—183
SQL, introduction to, 40—42
SQL injection attacks, preventing, 265—266
SQL syntax, basics of, 40—42
SSL (Secure Socket Layer), configuring for
deploying web app, 334—338
SSL middleware
created by Stephen Zabel and Jay Parlar,
125
for securing sensitive checkout data, 124—126
hooking into project, 126
securing a site with, 124
web site address, 126
startapp search app
adding model definition to, 184
creating, 184
statelessness of HTTP, 81
static content, serving on Windows, 33
static media generator, in App Engine Patch,
345
stats app
creating model to log product page views in,
200
creating stats.py file in, 197
creating to store code for tracking
information in, 197
stats.py file
adding imports and function definitions in,
199
adding imports and function definitions to,
200—201
creating in stats.py file, 197
status field, meaning of statuses in, 133
store app
creating store_product.html template file
in, 359
creating template file for category page, 359
creating template file for homepage, 358
creating url.py file in and adding URL
entries, 357
store() function, adding code to for tracking_id,
198
store/views.py file, creating view functions and
URL entries in, 356—357
store_category_list.html, creating and adding
code for links, 350
strftime('%B') Python function, benefits of
using, 136
string fields, defining in your application, 49
strip_non_numbers() method, 136
STRIP_WORDS constant, 186
Structured Query Language (SQL). See SQL;
SQL syntax
submitted status, 133
Subversion, 6
Subversion repository, code available for
checkout from, 6
superuser account, creating for Django project,
61
supply chain management, for e-commerce
applications, 13
symmetric cryptography, 270
syncdb script, running, 61
T
tag cloud, creating, 224—226
Tag model, function of, 221
tag.html template file
adding template code to, 225
adding URL definitions to, 225
creating, 229
tag_link.html file, creating and adding code to,
222
TaggedItem model, function of, 221
tagging module, registering models you want to
tag in, 221
Tamper Data, addon for Firefox, 7
tasks, running daily, 14
template, search view and, 189—192
template & view
basics of, 23—25
changes, 214—216
template caching, 288—289
template files, creating, 69—72, 358
template filters, in Django, 96—97. See also
Django template filter
template inclusion tags, creating, 187
template inheritance, 25—28
template tags, adding custom, 101—108
template testing, 309—311
template_name keyword argument, retrieving
value of, 309
templates. See also Django templates
advanced with inheritance, 25—28
shipped with Django source, 155
templates directory
creating billing subdirectory in and adding
add_card.html to, 276
creating catalog.html in, 26—27
creating checkout subdirectory in, 144
creating new search subdirectory in, 190—191
templates folder, creating tags directory in, 35
templates, URLs, and views, 65—73
templates/tags directory
creating footer.html file and adding code
for, 107
creating form_table_row.html in, 143—144
templatetags directory
creating, 187
creating and adding modules to, 144
test classes, anatomy of, 303
test code, for emulating a successful add-to-cart
operation, 315—317
test database, creation of, 301
test methods, writing to ensure product view is
working correctly, 310—311
test orders, example of list of placed on site, 150
test page, getting running, 346
test state, managing with fixtures, 307—308
test_add_product() method, looking at, 317
testing
adding automated to your application, 300
checkout form, 318—319
forms and shopping cart, 315—318
implementation of listener, 330
security of web app, 319—321
tests, running for a single app in project, 305
tests.py file, 45
adding Client test class to, 318—319
adding code to for category testing, 308
created by Django, 303
removing placeholder code from, 304
TextField field type, 48
Thanks page, after finishing Google Checkout,
122
third normal form (3NF), 43
third-party search solutions, 192
three-tier architecture, 44
timeout value, setting for items in cache, 290
title and meta tags, 233—234
title tags, making the best use of, 233
tracking_id
adding code for in store() function, 198
creating a new one, 198
generating random strings of characters for,
198
trademark and copyright issues, 235
troubleshooting, product review form, 219—220
True/False fields, 51
managing products with, 56
try keyword, detecting exceptions with, 114
Twitter, dictionary attack on, 260
U
Ubuntu Linux Server 8.10 operating system,
deployment examples done on, 325
Ubuntu Server, notes on, 327
Ubuntu Server machine, installing Apache web
server on, 326—327
underscore (_) character, use of in function
names, 91
__unicode__() method, checking, 314
UPDATE command, 41
update() method, adding query to results
dictionary with, 186
URL definition, adding to catalog app's urls.py
file, 219
urlcanon.py file, adding redirect middleware to,
237
urlfetch syntax, using, 363
urlopen() function, 114
urlpatterns, adding code to, 190
urlpatterns tuple, updating, 65—66
urlresolvers module, returning location of
checkout page with, 140
URLs
a word or two about, 37
best delimiters to use in, 234
keywords in, 234
moving content from one to another, 244
submitting to Google for your site, 240—241
urls.py file
adding code for navigating to homepage,
28—29
adding code to, 65
adding lines to list of patterns in, 155
adding logic to include static media path, 32
adding robots code to, 242
adding URL definition to, 224
adding URL definitions to, 156—156
creating and adding URL entry to, 358
creating inside new search app, 190
creating new, 141
creating URL entry inside marketing app in,
252
editing to navigate to admin interface, 57
for ecomstore project, 19
generating and routing links with, 53
urlset
creating other url elements inside of, 242
maximum value set by Google, 243
user accounts, creating, 153—171
User model, for creating user accounts, 153—171
user session information, tracking, 84
UserCreationForm, code for displaying, 158—159
users, applying permissions to, 257
utils app, creating and adding to settings.py file,
66
uviews.py file, adding code to product view in,
214
V
val() function, calling on an element, 211
validation, of models, 59—60
value() method
drawback to using, 280
getting one or a few fields with, 280
Verisign
for certificate verification, 335
web site address, 335
version control, a note on, 6
view, simple for testing homepage, 28
view function
creating to handle search requests, 180
creating to process newly submitted tags,
222
view functions and URL entries, creating for
App Engine, 356—357
view-based recommendations, 200—202
views
coding up catalog, 68—69
creating that pass in RequestContext object,
68
views.py file, 45
adding code for view function in, 189—190
adding code to use Memcached to load
products, 290
adding data into view function in, 203
adding import statements and view
functions to, 68—69
adding list of imports and two views
functions to, 141—143
adding product review view function to, 217
adding tag cloud functions to, 224
adding view function for tagging to, 223
adding view function in, 252
changing show_cart() view function in, 100
creating a single view function in, 28
creating a single view function in, 275—276
creating view function in, 163
making robots.txt file available at root of
site, 241
updating to handle POST requests, 91—92
views.py module, adding code to else block in,
169
virtual host, creating a file for inside
sites-available, 332
virtualenv, web site address, 323
void, 129
W
warning message, adding to top of site, 228—229
web accessibility
importance of for applications, 10—11
regulatory guidelines for, 10
web app project, deploying using appconf.py,
344
web apps
scaling horizontally, 324
scaling vertically, 324
security testing, 318—321
why we test them, 299—300
web development, start of, 1
web security, overview, 255—278
web server, using Apache 2.2 as, 326
Web Server Gateway Interface (WSGI) standard
interface, supported by Google App
Engine, 341
web site
launching into production, 240—245
protecting against external attacks, 258—266
securing from within, 255—257
verifying that you own it, 245
web site addresses
Advanced Integration Method (AIM)
Implementation Guide, 138
Amazon's Elastic Cloud Compute, 325
Apache 2.2, 326
App Engine documentation, 362
Authorize.Net test account, 148
buildout, 323
Capistrano, 323
cmemcache module, 287
Django online documentation, 63
django-sphinx, 192
dmigrations, 175
Dojo, 208
duck typing, 155
ElementTree library, 114
for advice on static files, 32
for developer performance rules, 209
for Django software download, 4
for downloading django-tagging, 220
for downloading Google App Engine Patch,
343
for downloading Google App Engine SDK,
343
for downloading jQuery, 208
for obtaining source code for isapi-wsgi
module, 328
for package to log Django exceptions, 22
for sitemap specifications, 242
for thorough listing of character encodings,
138
for XML specification information, 113
Google Adwords Keyword Tool, 235
Google Base, 251
Google Checkout sandbox account, 110
Google Checkout XML API, 111
Google Sets, 235
Google Webmasters, 245
Google's BigTable database storage engine,
324
Google's SEO guidelines, 232
Haystack search package, 192
Luhn algorithm, 134
Matt Cutts blog, 234
Memcache wiki, 290
Memcached, 287
mod_rewrite, 37
MooTools, 208
MySQL, 21
mysqldump utility, 339
Nginx, 331
OpenSSL, 335
Prototype, 208
Python Cryptographic Toolkit, 271
Python function for credit card validation,
134
Python Imaging Library (PIL), 174
Python-memcached module, 287
Resource Description Framework in
attributes, 238
robots.txt file, 241
script.aculo.us, 208
simplejson module, 271
SliceHost, 326
Sphinx full-text search engine, 192
SSL Middleware, 126
strftime('%B') Python function, 136
to sign up for Authorize.Net test account,
130
Verisign, 335
virtualenv, 323
WebFaction, 326
YUI, 208
webapp framework, in Google App Engine, 341
WebFaction, web site address, 326
WHERE clause, 41
widget argument, 87
wildcard character (*), use of in SQL query, 280
Windows system, function to return directory
as a string, 34
XYZ
XML documents
basic rules for well-formed, 113
building in Python, 112—114
XML sitemap, example of, 242
XML specification information, web site
address for, 113
XSS attacks. See cross-site scripting attacks
YAML configuration file, editing, 344
YUI, JavaScript library, 208
YUI Compressor, using, 345
Zabel, Stephen, SSL middleware created by, 125